Host Intrusion Detection System Release 3.1 Release Notes
Announcement
What Is HP-UX HIDS?
8
What Is HP-UX HIDS?
HP-UX HIDS is a host-based HP-UX security product for HP computers running HP-UX 11i.
HP-UX HIDS enables security administrators to proactively monitor, detect, and respond to
attacks targeted at specific hosts. Because many types of attacks can bypass network-based
detection systems, HP-UX HIDS complements existing network-based security mechanisms,
bolstering enterprise security.
HP-UX HIDS seeks out patterns that might suggest security breaches or misuses by
examining information about system activity from a variety of data sources. Such illicit
activities might include, for example, an intruder attempting to break into or disrupt your
system, subversive “insider” activities, or someone trying to spread a virus. When HP-UX
HIDS detects an intrusion attempt, it issues an alert to the administrative interface, where
you can immediately investigate the situation, and when necessary, take action against the
intrusion. In addition, you can customize a local response to an alert by using one of the
sample programs described in Appendix B, “Response Programs,” in the HP-UX Host
Intrusion Detection System Administrator’s Guide or by using a program you write yourself.
HP-UX HIDS is particularly useful for enterprise environments in which centralized
management tools control networks of heterogeneous systems. These environments include,
for example, Web servers, transaction processors, application servers, and database systems.